No filetype checks on RAR-archives

Volker Dose vpdose at kirchenweg.de
Wed Apr 15 08:19:52 UTC 2015 

Hi,

Thanks a lot for the link, But I am using  a 32bit architektur, do you have a rpm for that also?

Best regards,

Volker

Volker Dose

> Am 15.04.2015 um 09:42 schrieb Jerry Benton <jerry.benton at mailborder.com>:
> 
> https://s3.amazonaws.com/mailborder/releases/stable/4.1.0/unrar-4.2.3-1.el6.rf.x86_64.rpm
> 
> 
> -
> Jerry Benton
> www.mailborder.com
> 
> 
> 
>> On Apr 15, 2015, at 3:37 AM, Volker Dose <vpdose at kirchenweg.de> wrote:
>> 
>> Hi,
>>  
>> I am using CentOS and afaik there is no rar-Support compiled in - at least no sign of "libclamavunrar":
>>  
>>  
>> [root at mailscanner ~]# ldd /usr/bin/clamscan 
>>         linux-gate.so.1 =>  (0x00748000) 
>>         libclamav.so.6 => /usr/lib/libclamav.so.6 (0x008ef000) 
>>         libxml2.so.2 => /usr/lib/libxml2.so.2 (0x001bf000) 
>>         libz.so.1 => /lib/libz.so.1 (0x00f46000) 
>>         libbz2.so.1 => /lib/libbz2.so.1 (0x00515000) 
>>         libssl.so.10 => /usr/lib/libssl.so.10 (0x00659000) 
>>         libcrypto.so.10 => /usr/lib/libcrypto.so.10 (0x0030a000) 
>>         libm.so.6 => /lib/libm.so.6 (0x004d2000) 
>>         libdl.so.2 => /lib/libdl.so.2 (0x00fce000) 
>>         libpthread.so.0 => /lib/libpthread.so.0 (0x00526000) 
>>         libc.so.6 => /lib/libc.so.6 (0x00749000) 
>>         libgssapi_krb5.so.2 => /lib/libgssapi_krb5.so.2 (0x00541000) 
>>         libkrb5.so.3 => /lib/libkrb5.so.3 (0x00af2000) 
>>         libcom_err.so.2 => /lib/libcom_err.so.2 (0x004fc000) 
>>         libk5crypto.so.3 => /lib/libk5crypto.so.3 (0x00581000) 
>>         libresolv.so.2 => /lib/libresolv.so.2 (0x005ac000) 
>>         /lib/ld-linux.so.2 (0x00e11000) 
>>         libkrb5support.so.0 => /lib/libkrb5support.so.0 (0x00501000) 
>>         libkeyutils.so.1 => /lib/libkeyutils.so.1 (0x0050d000) 
>>         libselinux.so.1 => /lib/libselinux.so.1 (0x00bfc000)
>>  
>> When I check a zip-archiv it shows this:
>>  
>> [root at mailscanner ~]# clamscan putty.zip
>> 
>> putty.zip: Sanesecurity.Foxhole.Zip_exe.UNOFFICIAL FOUND
>> 
>> ----------- SCAN SUMMARY -----------
>> Known viruses: 4478278
>> Engine version: 0.98.6
>> Scanned directories: 0
>> Scanned files: 1
>> Infected files: 1
>> Data scanned: 0.00 MB
>> Data read: 0.25 MB (ratio 0.00:1)
>> Time: 16.959 sec (0 m 16 s)
>> 
>>  
>>  
>> [root at mailscanner ~]# clamscan putty.rar
>> 
>> putty.rar: OK
>> 
>> ----------- SCAN SUMMARY -----------
>> 
>> Known viruses: 4478278 
>> Engine version: 0.98.6 
>> Scanned directories: 0 
>> Scanned files: 1 
>> Infected files: 0 
>> Data scanned: 0.22 MB 
>> Data read: 0.22 MB (ratio 1.00:1) 
>> Time: 17.652 sec (0 m 17 s)
>> 
>>  
>>  
>> But this is maybe just a side-problem, I was hoping to get the filetype recognition working in MS.
>>  
>> Here my Settings regarding rar/unrar  in MailScanner.conf:
>>  
>> Unrar Command = /usr/bin/unrar 
>> Unrar Timeout = 50
>>  
>>  
>> Best regards
>> Volker
>> 
>> > Rick Cooper <rcooper at dwford.com> hat am 15. April 2015 um 02:03 geschrieben: 
>> > 
>> > 
>> > Volker Dose wrote: 
>> > > Hi, 
>> > > 
>> > > I have already configured the foxhole-stuff and it works brilliantly 
>> > > on zip-files. But no effect on executables in rar-archives. 
>> > > 
>> > > I was reading, that clam has no support for opening and scanning 
>> > > rar-archives because of license issues. I have the actual clamav 
>> > > installed and even tried to compile from scratch, but no success 
>> > > -rar-files are not scanned. 
>> > 
>> > ClamAv has had RAR capabilities since verion 0.90. 
>> > Now, from what I remember Fedora does not include libunrar (even though it's 
>> > free) and I think there version of the rpm uses the --disable-unrar switch 
>> > as well. Don't remember if you are using fedora or not. 
>> > 
>> > 
>> > Also you have to have unrar installed for MailScanner to unpack it. 
>> > Look in the MailScanner.conf for 
>> > 
>> > MailScanner.conf:Unrar Command = /usr/bin/unrar 
>> > 
>> > And point it to your unrar binary 
>> > 
>> > 
>> > -- 
>> > MailScanner mailing list 
>> > mailscanner at lists.mailscanner.info 
>> > http://lists.mailscanner.info/listinfo/mailscanner 
>> > 
>> 
>> 
>> -- 
>> MailScanner mailing list
>> mailscanner at lists.mailscanner.info
>> http://lists.mailscanner.info/listinfo/mailscanner
> 
> 
> 
> -- 
> MailScanner mailing list
> mailscanner at lists.mailscanner.info
> http://lists.mailscanner.info/listinfo/mailscanner
> 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.mailscanner.info/pipermail/mailscanner/attachments/20150415/082f64db/attachment.html>

More information about the MailScanner mailing list